Today, June 5, marks the first anniversary of the beginning of the Edward Snowden revelations—a landmark event in global awareness of the worldwide spying machine.

Over the last year, the world has learned specific details of how the NSA and its four closest allies in the Five Eyes partnership (United Kingdom, Canada, Australia, and New Zealand) have constructed a web of digital communications surveillance systems at the technical and operational levels spanning the entire globe. We have learned the details of the extent of cooperation and intelligence-sharing among these countries, and have witnessed how material gathered under one country's surveillance regime is readily shared with others.

The dispersed locations of the Five Eyes countries enable them to surveil most of the world’s Internet traffic as it transits through their hubs and is stored in their various territories. Moreover, they have partnered with over 80 major global corporations to leverage their spying capabilities. The scope and reach of their cooperation and intelligence sharing has shocked the world.

In a leaked internal document, the NSA defined their “collection posture” as being to “sniff, know, collect, process, exploit, partner it all.” This proves what many privacy advocates had suspected for a long time: The NSA has strayed far from its legitimate goal of protecting national security. In fact, we have seen the NSA participate in economic espionage, diplomatic spying and suspicionless surveillance of entire populations. Even worse, it surreptitiously weakened the products and standards that many people use to protect themselves against online spying.

While the Snowden revelations have proven invaluable in confirming the existence of global, cross-border spying by the NSA and its four primary allies, the governments of the affected billions of Internet and telephone users have been slow to fight back. In some cases, United States's allies might be holding back because of their own tangled complicity in this shared network. Others, like Russia and China, have their own pervasive surveillance networks and arrangements to protect.

Even before Snowden leaked his first document, human rights lawyers and activists were concerned about law enforcement and intelligence agencies spying on the digital world. One of the tools developed to tackle those concerns was the development of the International Principles on the Application of Human Rights to Communications Surveillance (the “Necessary and Proportionate Principles”). This set of principles was intended to guide governments in understanding how new surveillance technologies eat away at fundamental freedoms, and outlined how communications surveillance can be conducted in a manner consistent with human rights obligations. The Necessary and Proportionate Principles are intended to work as a resource for citizens to measure government surveillance practices against international human rights standards.

To mark the first anniversary of the Snowden disclosures, the Electronic Frontier Foundation is releasing Unnecessary and Disproportionate, a report detailing how some of the NSA spying operations violate both human rights standards and the Necessary and Proportionate Principles.

The report finds that NSA surveillance programs…

Lack “legality”, in that NSA surveillance laws are largely governed by a body of secret law developed by a secret court, the Foreign Intelligence Surveillance Court (FISC), which selectively publishes its legal interpretations of the law;

Are neither “necessary,” nor “proportionate,” in that the various programs in which communications data are obtained in bulk violate the privacy rights of millions of persons who are not suspected of having any connection to international terrorism;

Are not supported by competent judicial authority because the only judicial approval, if any, comes from the FISC, which operates outside of normal adversarial procedures such that the individuals whose data are collected lack access to the court;

Lack due process because the FISC presents no opportunity for a public hearing;

Lack user notification: those whose data is obtained do not know that their communications have been monitored and hence they cannot appeal the decision nor get legal representation to defend themselves;

Lack the required transparency and public oversight, because they operate in secret and rely on gag orders against the entities from whom the data are obtained, along with secret, if any, court proceedings;

Damage the integrity of communication systems by undermining security systems, such as encryption, requiring the insertion of surveillance back doors in communications technologies, including the installation of fiber optic splitters in transmission hubs.

The report also concludes that the US surveillance framework is illegitimate because it applies less favorable standards to non-US persons than its own citizens, a violation of the International Covenant on Civil and Political Rights (ICCPR).

The United States justifies the lawfulness of its communications surveillance by making reference to distinctions that, in the context of modern communications technology, are irrelevant to truly protecting privacy in a modern society. The US relies on the outmoded distinction between “content” and “metadata,” falsely contending that the latter does not reveal private facts about an individual.

The US also contends that the collection of data is not surveillance—it argues, contrary to both international law and the Principles, that an individual’s privacy rights are not infringed as long as her communications data are not analyzed by a human being. It’s clear that the practice of digital surveillance by the United States has overrun the bounds of human rights standards. What our paper hopes to show is exactly where the country has crossed the line, and how its own politicians and the international community might rein it back.

Now that a year has passed it’s clear that we need to update both our global technical infrastructure and local laws, consistent with long-standing international human rights standards, in order to regain any reasonable degree of privacy. Specifically, we must end mass surveillance. Politicians in every country need to stand up to the NSA's incursions on their territory. The United States needs to reform its laws to recognize the privacy rights of innocent foreigners.

Human rights activists, technology experts and open Internet advocates in every country must work together to push for digital communications privacy protections at national and international levels around the globe. The Thirteen Principles on Communications Surveillance represent one robust global effort to tackle this challenge. Visit the Thirteen Principles site to learn more about the project and find out how you can get involved.

]]>http://advocacy.globalvoicesonline.org/2014/06/05/how-the-nsa-violates-international-human-rights-standards/feed/0Peruvians To President: Our Digital Rights Are Non-Negotiablehttp://advocacy.globalvoicesonline.org/2013/05/12/peruvians-to-president-our-digital-rights-are-non-negotiable/
http://advocacy.globalvoicesonline.org/2013/05/12/peruvians-to-president-our-digital-rights-are-non-negotiable/#commentsSun, 12 May 2013 17:55:03 +0000http://advocacy.globalvoicesonline.org/?p=13814The original version of this post was published on the website of the Electronic Frontier Foundation. Katitza Rodriguez is the International Rights Director for EFF and a contributor to Global Voices Advocacy. She is Peruvian, and has spent the last few weeks in Lima working with her fellow citizens to draw attention to TPP's flaws.

For years, music, film and other content industries in the US have been lobbying, in national law or within trade agreements, for overreaching rules that would break the Internet in the name of copyright enforcement. Lately, such proposals range from termination of users’ account on the mere allegation of copyright infringement to enacting censorship powers that would make parts of the global Internet disappear from view. Proposed policies could also introduce digital locks laws that stifle online innovation and restrict the ability to use lawfully-acquired digital content.

The Trans-Pacific Partnership (TPP) agreement is the latest forum where these overreaching standards are being laundered. The TPP is a secretive treaty that includes a set of intellectual property rules that target the Internet. The 17th round of negotiations over TPP starts next week in Lima, Peru. Up for debate are the provisions dealing with intellectual property – including online copyright enforcement, DMCA-style digital locks, and Internet intermediary liability.

One of the major concerns about TPP is its capacity to rewrite global rules on intellectual property enforcement. All signatory countries will be required to match their domestic laws and policies to the provisions of the TPP. Future changes to those laws may involve re-negotiating the treaty. In Peru, this is likely to further entrench controversial aspects of Peruvian copyright law and restrict the ability of the Peruvian Congress to engage in domestic law reform to meet the evolving IP needs and realities of Peruvian citizens and their growing technology sector.

This is why a well-known network of Peruvian NGOs, including RedGE and Hiperderecho, have launched a campaign asking President Ollanta Humala Tasso to set clear, non-negotiable limitations to ensure that Peruvians’ fundamental rights in the TPP are respected.

The campaign asks President Humala to:

Not accept new conditions in the treaty's intellectual property chapter that hinder or make more expensive our access to medicines and medical treatment.

Not accept conditions on the intellectual property chapter that jeopardize the Internet, our freedom of speech or our ability to do research or innovate using art and technology.

In the investment chapter, to include the necessary safeguards to ensure the state's ability to enforce national laws, especially on issues of public health and environment.

Would you remain silent if someone is discussing the way you work, create or express yourself? The TPP may change the way we as consumers and professionals interact with cultural goods and technology. But we can stop it if we speak. We invite you to join us in this petition asking the peruvian government to express clear non negotiable lines in this treaty. We won't make it without your voice.

Any changes to the conditions governing limitations on Internet intermediary liability could have a significant and detrimental impact on Internet users’ ability to seek, receive and impart information, and could harm the Internet's end-to-end architecture. How TPP countries approach these issues can determine the future of the global Internet.

If you are Peruvian and think that the President should set clear,non-negotiable limits on the TPP, consider joining the online petition in Peru by signing here http://www.nonegociable.pe/. If you live outside Peru, but want to help with the Peruvian campaign, please get the word out about the campaign in blogs, and on Facebook and Twitter (using the hashtags #yaratpp and #notpp).

]]>http://advocacy.globalvoicesonline.org/2013/05/12/peruvians-to-president-our-digital-rights-are-non-negotiable/feed/0TPP: Biggest Threat to Global Internet Since ACTA?http://advocacy.globalvoicesonline.org/2013/05/01/tpp-biggest-threat-to-global-internet-since-acta/
http://advocacy.globalvoicesonline.org/2013/05/01/tpp-biggest-threat-to-global-internet-since-acta/#commentsWed, 01 May 2013 10:00:07 +0000http://advocacy.globalvoicesonline.org/?p=13645This article was co-authored by Maira Sutton and Katitza Rodriguez of the Electronic Frontier Foundation. Its original version can be found here.

The United States and ten governments from around the Pacific region are meeting yet again to hash out the Trans-Pacific Partnership trade agreement (TPP) on May 15-24 in Lima, Peru. The TPP is one of the worst global threats to the Internet since ACTA. Since negotiations have been secretive from the beginning of the process, advocates seeking to learn more about the agreement have been relying on a leaked draft [PDF] of the treaty from February 2011. Based on that text, some other leaked notes, and the undemocratic nature of the entire process, we have every reason to be alarmed about the copyright enforcement provisions contained in this multinational trade deal.

The TPP is likely to export some of the worst features of US copyright law to Pacific Rim countries: a broad ban on breaking digital locks on devices and creative works (even for legal purposes), a minimum copyright term of the lifetime of the creator plus seventy years (the current international norm is the lifetime plus fifty years), privatization of enforcement for copyright infringement, ruinous statutory damages with no proof of actual harm, and government seizures of computers and equipment involved in alleged infringement. Moreover, the TPP is worse than US copyright rules: it does not export the many balances and exceptions under US law that favor the public interest and act as safety valves in limiting rightsholders’ protections.

Adding insult to injury, the TPP's temporary copies provision will likely create chilling effects on how people and companies behave online and their basic ability to use and create on the Web. The stated goal of the TPP is to unite Pacific Rim countries by harmonizing tariffs and trade rules between them, but in reality, it's much more than that. The “intellectual property” chapter in this massive trade agreement will likely force changes to copyright and patent rules in each of the signatory countries. Accepting these new rules will not just re-write national laws, it will also restrict the possibility for countries to introduce more balanced copyright laws in the future.

This strategy may end up harming more proportionate laws in countries such as Chile, where a judicial order is required for ISPs to be held liable for copyright infringement or to take down content. Such systems better protect users and intermediaries from disproportionate or censorship-driven takedowns. If the final TPP text forces countries to adopt a privatized notice-and-takedown regime, this could imply the end of the Chilean system. It would also undermine Canada's notice-and-notice regime.

Film, music and other content industries can and will continue to use their economic and political power to get laws that protects their interests. They did it with SOPA and ACTA, and now it's happening with TPP [es]. It's going to be a challenge to defeat these policies, but users can do it. The TPP is slated for conclusion this October, but our goal is to get the worst of these copyright provisions out of it. The way to fight back is to show that we will not put up with this: to demand an open, transparent process that allows everyone, including experts from civil society, to analyze, question, and probe any initiatives to regulate the Internet. The secrecy must be stopped once and for all.

Digital rights advocacy groups around the world are working to change the TPP process and bring users’ concerns to the table. Users in any country can join a campaign led by Canadian NGO OpenMedia by clickinghere. Users in the US can join EFF's campaign, directed at US Congress members, which calls for the immediate release of the text of the TPP and demands that this process become democratic and transparent.

Below is EFF's infographic highlighting the most problematic aspects of TPP. Please spread the word about how this agreement will impact you and your country. Right-click and save the image for the PNG file, or you can download the PDF version below. Remix it, build upon it, and get the word out. Let's protect and defend the Internet from this secret trade deal.

]]>http://advocacy.globalvoicesonline.org/2013/05/01/tpp-biggest-threat-to-global-internet-since-acta/feed/5Surveillance Camp III: On the Expanding Online Security Market in Latin Americahttp://advocacy.globalvoicesonline.org/2013/02/06/surveillance-camp-iii/
http://advocacy.globalvoicesonline.org/2013/02/06/surveillance-camp-iii/#commentsWed, 06 Feb 2013 06:40:19 +0000http://advocacy.globalvoicesonline.org/?p=12279This is the third in a series of posts mapping global surveillance challenges discussed at EFF’s Surveillance Camp in Rio de Janeiro, Brazil. Earlier posts can be found here and here.

Recently, we wrote about how companies throughout the world increasingly face political and legal pressures to assist governments in their surveillance efforts and the many ways in which the private sector is increasingly playing a role in state surveillance. In December 2012, EFF's Surveillance and Human Rights Camp in Brazil built upon this discussion and focused a spotlight on the privatization of public security, government-funded surveillance initiatives, and the lack of quantifiable research on security markets in Latin America. Here is what we learned:

the transition to democracy produced a formal institutional reform of the security sector, which, in turn, allowed former military personnel to maintain informal mechanisms of control through the private sector.

This is why the proliferation of companies providing security services has increased alongside the transition to democracy and state security sector reform.

At the EFF Camp, Guatemalan Human Rights lawyer and Global Voices Author Renata Avila pointed out that the problem in Guatemala falls not only in the privatization of security services, but also in the lack of regulation of these private companies or enforcement of existing law:

“Private security companies have no accountability in this regard. There is no oversight on the invasive data they collect: In any residential area or building, the private guards can ask to scan your ID. They can photograph your car, and try to record where you go, who you visit, and any other personal details they can get. With a mandatory biometric ID—as Guatemalans have— combined with the hundreds of cameras and over two thousand private security companies storing and sharing data, the future of privacy for activists and citizens in general is compromised.

Another danger is that there is some degree of popular support due to the high level of criminality in several countries in Central America. Citizens see surveillance technologies as a way to tackle crime and reason that ‘if you have done nothing wrong, then you have nothing to keep from the state’. However, there is a lack of research based evidence that shows that the high levels of surveillance leads to a decrease in crime.”

This increasing demand for private security services has attracted security contractors armed with new surveillance technologies to the region, and is expanding the security industry in Latin America. Yet much research has yet to be done on the impact of the security market: how security markets compare across countries, the quantity of products sold to governments versus private individuals, and the impact on civil liberties need further investigation. EFF Camp participants called attention to the need for further research into the privatization of public security and the impact of security markets in Latin America and other countries.

]]>http://advocacy.globalvoicesonline.org/2013/02/06/surveillance-camp-iii/feed/2Surveillance Camp II: Privatized State Surveillancehttp://advocacy.globalvoicesonline.org/2013/02/06/surveillance-camp-ii-privatized-state-surveillance/
http://advocacy.globalvoicesonline.org/2013/02/06/surveillance-camp-ii-privatized-state-surveillance/#commentsWed, 06 Feb 2013 06:26:13 +0000http://advocacy.globalvoicesonline.org/?p=12253This is the second in a series of posts mapping global surveillance challenges discussed at EFF’s Surveillance Camp held in Rio de Janeiro, Brazil in December 2012. Several Global Voices Advocacy Members actively participated in the meeting. Here is a summary of what we learned:

In December 2012, EFF organized a Surveillance and Human Rights Camp in Brazil that brought together a diverse group of experts concerned about electronic surveillance by governments in Latin America and other parts of the world. Among other concerns, participants highlighted the many ways in which the private sector increasingly plays a role in state surveillance. Here are a few examples:

Voluntary Agreements Between Law Enforcement and Private Companies

Image by Alan Clever (CC BY 2.0)

Often law enforcement agencies will approach companies asking for voluntary disclosure of information for investigative purposes. Yet those requests may look and sound more like threats, with a great deal of moral pressure applied on the companies.

This kind of voluntary assistance that companies provide to governments remains out of the public eye: the individual does not receive notification about the government request, and the process is not codified in law. It is often not clearly disclosed in the company's terms of service or user agreement. Currently there is minimal if any oversight for such voluntary cooperation, so the scope of assistance provided is not well-documented.

Canada

Canadian ISPs have jointly decided to provide identifying data about Canadian Internet users to law enforcement agencies in child exploitation investigations. In fact, several Canadian ISPs have developed a formal protocol in conjunction with various law enforcement agencies to be used when those authorities are seeking identification information associated with a given IP address at a specific date and time. Since the adoption of this protocol, some ISPs have expanded their information sharing practices to cover customer identification data in other contexts, such as online harassment cases.

Law Enforcement Approaching Service Providers Without Legally-Required Authorization

A growing concern is the number of law enforcement officers skirting the law by asking service providers to simply fork over information without any sort of search warrant. Even when legal procedures require authorities to obtain a search warrant prior to making their request, police increasingly request information without obtaining a legal authorization. Nevertheless, they often expect full compliance from service providers.

Chile

In 2008, a Chilean website called Huelga.cl (“strike” in English) was approached by the Cyber Crime Section of the Chilean Police. The site is an online space for coordinating union actions. The agency demanded that the webmaster hand over data related to pseudonymous user accounts, such as IP addresses, records of previous connections, real names, and physical addresses. The targeted users had left comments on a website about an ongoing strike.

In this case, because police did not have a court order to back up the request for information, Huelga.cl took a stand by resisting police pressure and refusing to hand over the data without a fight. For legal assistance, they turned to Derechos Digitales, a Chilean online human rights nonprofit organization, and managed to resist the request.

In another case, the Regional Director of the Chilean Department of Labor, the agency responsible for ensuring the enforcement of labor laws, sent a letter to Huelga.cl simply demanding the removal of “inappropriate content” from their website along with the disclosure of user information, but it was only for administrative purposes as opposed to serious criminal investigations. Huegal.cl again refused to comply and instead made the director’s demands public.

It is not always the case that service providers can resist extralegal government requests, find legal advice or gather the economic resources necessary to fight against such demands as Huelga.cl did. Huelga.cl should be praised for speaking up and managing to make the request from law enforcement public.

Governments Pressure Private Sector

Governments frequently impose heavy fines when companies do not comply with their requests for access to user data. This form of coercion acts as a mechanism of enforcement over service providers and can raise serious concerns for privacy and free expression. The service provider is left with little incentive to resist illegitimate requests from the government when they are threatened with heavy fines.

Brazil

In 2012, a Brazilian judge froze Google's accounts and imposed a fine on the company for refusing to remove three anonymous blogs hosted by Google or reveal contact details of the bloggers. The blogs had reported on allegations that the mayor of Varzea Alegre, a small city in northern Brazil had engaged in corruption and embezzlement.

While some companies might be able to withstand governmental pressure, this often will not be the case for smaller companies that lack resources and influence. This is particularly true in contexts where heavy fines for noncompliance are written into legislation, and companies are not given legal avenues to appeal or fight the fine.

Foreign Government Access To Individuals’ Data in the Cloud

Governments are increasingly seeking to negotiate access or interception capabilities to user data with companies that do not lie within their jurisdictions. This form of access is complicated because it is not always clear which country’s laws apply or to what extent. Because of the complex nature of these requests, governments often look for “easy” solutions that call for voluntary disclosure of information or simply allow full access to the user data.

For example, government officials in India have been pushing for real-time interception capabilities for all BlackBerry services. In response to demands from the Indian Government, BlackBerry parent company Research in Motion (RIM) set up a Network Operations Center in Mumbai, providing security agencies with access to BlackBerry Messenger services and Internet services. In addition to asking RIM for real-time access to communications, the Government of India required in-country service providers to adopt the solution provided by RIM by the end of 2012 or risk being shut down.

According to Elonnai Hickok from the Centre for Internet and Society in Bangalore, India, what happened between RIM and the Indian Government is just one example of how governments are trying to negotiate their interests in light of the challenges posed by communications stored in the cloud and in multiple jurisdictions.

While the Internet is technically borderless, in reality, state actors impose their sovereignty onto online environments with increasing frequency. The exercise of sovereignty over shared spaces can subject individuals to the laws of another country without any awareness on their part that this has happened. This in effect transforms the surveillance efforts of one country into privacy risks for all the world’s citizens.

Conclusion

State agencies and law enforcement are increasingly outsourcing investigations to private companies that are not under the same terms of judicial oversight as official law enforcement entities would be. The increasingly closed and non-transparent connection between the private sector and law enforcement needs to be addressed, as it poses a risk to the rights and freedoms of users. Of major concern to all Camp participants was the notion that private companies routinely comply with the requests of law enforcement in the absence of due process. We encourage further research and documentation of this phenomenon. To highlight this issue, we will be blogging next about the privatization of public security in Latin America.

]]>http://advocacy.globalvoicesonline.org/2013/02/06/surveillance-camp-ii-privatized-state-surveillance/feed/0International Privacy Day: Anti-Surveillance Success Storieshttp://advocacy.globalvoicesonline.org/2013/01/31/international-privacy-day-anti-surveillance-success-stories/
http://advocacy.globalvoicesonline.org/2013/01/31/international-privacy-day-anti-surveillance-success-stories/#commentsWed, 30 Jan 2013 23:30:12 +0000http://advocacy.globalvoicesonline.org/?p=12258January 28 marked International Privacy Day. Different countries celebrated this day calling attention to their own events and campaigns. This year, EFF is honoring the day by sharing some advocacy strategies utilized by human rights advocates and activists from Argentina, the UK, Canada, and the United States, that have helped to defeat overreaching surveillance proposals that threaten civil liberties.

]]>http://advocacy.globalvoicesonline.org/2013/01/31/international-privacy-day-anti-surveillance-success-stories/feed/3Surveillance Camp I: Mapping Strategies to Counteract Online Spying in Latin Americahttp://advocacy.globalvoicesonline.org/2013/01/31/surveillance-camp-i-mapping-strategies-to-counteract-online-spying-in-latin-america/
http://advocacy.globalvoicesonline.org/2013/01/31/surveillance-camp-i-mapping-strategies-to-counteract-online-spying-in-latin-america/#commentsWed, 30 Jan 2013 22:44:59 +0000http://advocacy.globalvoicesonline.org/?p=12248This is the first in a series of posts mapping state surveillance challenges in Latin America and lessons learned at EFF's State Surveillance Camp in Rio de Janeiro, Brasil.

What happens when you place a mix of journalists, technologists, human rights lawyers, digital rights activists, and victims of surveillance from around the world in a room to map the problems of electronic surveillance? What emerges is a complicated story made up of a number of complicated stories. Each participant brings a particular expertise to bear on the larger surveillance puzzle. Taken as a whole, these voices paint a portrait of state surveillance that is far more contextual and diverse than most people could imagine. More than anything else, what one learns is the critical role that context—the unique political histories and conflicts, socio-cultural expectations, and surrounding foreign and national policies—plays in shaping how state surveillance programs and practices are being carried out. This includes who can be surveilled and the ability of citizens to challenge surveillance. In spite of these disparate conditions, some surveillance practices are common to Latin America and continue to reappear amidst very different contexts.

With this in mind, at the end of last year, several Global Voices Advocacy members attended EFF's Surveillance and Human Rights Camp in Brazil that pulled together the expertise of different constituents concerned about electronic surveillance, and this is what we’ve learned:

Surveillance in Context

While most Latin American countries have democratically-elected governments, few have traditions of strong privacy protections. Intense political instability, internal wars, and military regimes have long established cultures of state surveillance in many countries. Colombia, Peru, Mexico, Paraguay, and other Central Americans countries have experienced multiple internal wars: the war against terrorism and the war against drug trafficking to name a few. These wars have created a reactionary climate and have bred a rapid expansion of surveillance architecture. On the other side of the spectrum, countries like Argentina and Chile have endured military regimes but have not faced similarly intensive drug wars and terrorism conflicts. Nevertheless, many such countries, including Argentina, have instituted compulsory national ID schemes and have stored the information in huge databases, opening the floodgates for privacy abuses. Those databases, which are themselves remnants of previous military regimes, are currently being “modernized” to collect biometric identifiers in several countries in the region. Surveillance technologies have been repurposed to silence judges and opposition voices, demonstrating the ease with which they can be abused to subvert the rule of law in any democratic nation lacking robust checks and balances.

Distinct Contexts for Those with Access to Technology

Why does a government chooses to surveil its citizens? What legal limitations and safeguards have been established? Are these enforced? How do citizens react and perceive state surveillance? The answers to these questions, of course, depend on context. The realities of individual countries vary drastically. The problem can be divided into distinct contexts for those with access to technology and for those on the other side of the digital divide. Information activists and people in urban settings (bloggers, journalists at large, news companies, online activists) and those working in rural areas (indigenous activists, environmental activists, rural and community journalists) have noted differences in surveillance practices, tactics, and problems—particularly in areas where conflicts around mining and large-scale resource extraction are taking place. Many of the most violent conflicts in Peru, Mexico, and Central America are occurring in rural areas often in the context of the war on drugs. The added attention intensifies surveillance mainly due to the added foreign aid.

Challenging the Assumption that Surveillance Equals Security

In many regional contexts, civilians have embraced new security measures under the misconception that more intrusive measures will naturally lead to greater security. In countries like Guatemala, civil society groups have even advocated for laws opposing basic privacy protections, such a law requiring mobile phones to be registered. In Mexico, various groups strongly supported a geolocalization bill that allows authorities to track location data without a warrant. Attendees of our Surveillance and Human Rights Camp noted that all too often the public does not challenge the government and private sector surveillance that is taking place and many simply accept these activities without question.

Role of the United States in Surveillance Technologies in Latin America

For several years, the US Drug Enforcement Agency (DEA) has been providing cooperation to Latin American States to fortify local law enforcement and intelligence agency efforts to combat drug trafficking. This aid in surveillance technology has been implicated in abuses of power. For instance, the Colombian government illegally spied on political opponents and human rights activists rather than on drug lords. The “Las Chuzadas” scandal erupted around former Colombian President Alvaro Uribe and Colombia's intelligence agency (DAS) privacy abuses in 2009. As a result, a former head of the intelligence agency from 2002-2005, Jorge Noguera, was sentenced to 25 years in jail for illegally spying on political activists and collaborating with paramilitary death squads.

Leaked US diplomatic cables shed light on the DEA’s communications surveillance program. In the cases of Paraguay and Panama, the US government was pressured to permit the use of these technologies to spy on leftist groups in operations unrelated to narcotics investigations.

Context plays a critical role in shaping how state surveillance programs and practices are handled. While many differences exist, some surveillance practices are common throughout the region. U.S. foreign aid for surveillance, while intended to combat crime, has been used for practices that lead to abuse. Next, we will be writing about the role of outsourcing police enforcement.

Throughout Latin America, new surveillance practices threaten to erode individuals’ privacy, yet there is limited public awareness about the civil liberties implications of these rapid changes. Some countries are pursuing cybercrime policies that seek to increase law enforcement power without strong legal safeguards. In other nations, government-run biometric identification systems are on the rise, while certain governments are even turning to drones to aid in their surveillance activities. A culture of secrecy surrounds these surveillance practices, and citizens remain largely unaware of what types of information are being collected and how it is being used against them.

For Latin American privacy advocates, all of this makes for an uphill battle. There are relatively few NGOs working in the region specifically on privacy and surveillance, and the lack of specialization is further complicated by a pervasive societal attitude that security trumps privacy. Despite the inherent difficulties, the fledgling privacy movement has been working tirelessly to shed light on overarching surveillance practices and to preserve civil liberties in the face of these changes. Social media and blogs have made a huge impact in activism work in several countries throughout the region.

Below, we present a quick snapshot of some privacy groups, academic institutions, and dedicated individuals working in the field.

Advocacy by specialized NGOs

Let’s begin with Via Libre Foundation. An Argentinian digital rights advocacy group founded in 2000, Via Libre has advocated against mandatory biometric identification systems and data retention mandates. Via Libre has challenged Argentina's “electronic crime” bill, fighting draconian provisions to limit coders rights. Via Libre has also trained activists and journalists on secure communications, such as mastering the use of encryption and anonymity tools.

In Brazil, Movimiento Mega Nao is a grassroot movement responding to threats to Internet rights. Mega Nao recently fought an invasive cybercrime bill by advocating a civil rights framework for the Internet that includes safeguards for free expression and privacy. The Brazilian Institute of Consumer Protection (IDEC) has also launched a similar campaign. IDEC, which was founded in 1987, specializes in consumer privacy and other Internet-related issues. Another important Brazilian NGO, Instituto NUPEF, educates policymakers and civil society on Internet rights, including privacy. NUPEF also publishes a specialized Internet policy magazine.

There are also longstanding human rights NGOs who are beginning to focus more on Internet policy (including privacy). For instance: civil rights advocates Asociación por los Derechos Civiles (ADC, or Civil Rights Association in English) in Argentina, has now begun turning its attention to Internet freedom. This group of Argentinean lawyers works on defending free expression and access to information at the national level and within Inter American Human Rights System. Instituto Prensa y Sociedad (IPYS), an NGO working on investigative journalism, freedom of expression, and access to public information in Latin America, has long been fighting governmentsurveillance and protecting journalists’ free expression rights. Like IPYS, Asociación Pro Derechos Humanos (Aprodeh) has challenged illegal government surveillance in Peru during the Presidency of Alberto Fujimori. Fujimori has since been jailed for human rights violations after being tried for violating the secrecy of communication and other human rights abuses during his Presidency. It marked the first time a democratically elected former president was prosecuted at home for serious human rights violations, including the violation of privacy.

In 2007, ARTICLE 19 regionalized, moving from a single office to a growing number of regional offices supported by an international office in London. Article 19 in Latin American does litigation in precedent-setting cases defending free speech, and makes recommendations for improvement of draft laws. The organization has also called attention to the civil liberties implications of cybercrime proposals under discussion in the region. In Venezuela, a human rights organization called Espacio Publico is working to protect freedom of expression and access to information, while also offering trainings in privacy and security.

There is also a group of dedicated individuals, academics and bloggers with technical and legal backgrounds in the region who've dedicated time and effort to exploring the topics and increasing awareness on Internet policy.

Privacy activism in Latin America is on the rise, and several countries still lack strong civil society groups working in this area. In Central America and the Caribbean, online privacy and surveillance remain largely unexplored topics, disconnected from the larger human rights agenda. Human rights NGOs in the region tend to prioritize traditional human rights causes such as health, education, citizen security and ongoing battles surrounding forced disappearances and torture. While privately funded organizations work passionately on privacy-related topics, privacy is not their sole priority. Unpaid volunteers are driving much of this activism, and the organizations struggle with limited resources.

Despite these challenges and limited coverage of their efforts in the mainstream media, support for their campaigns has continued to grow. EFF will continue to work alongside civil society groups in Latin America, and to help their efforts by sharing knowledge on core Internet rights issues with policymakers throughout the region.

]]>http://advocacy.globalvoicesonline.org/2012/09/27/privacy-rights-activism-in-latin-america/feed/0Keep the Pressure On: Canadian Online Surveillance Bill on Pause, But the Fight Continueshttp://advocacy.globalvoicesonline.org/2012/03/03/keep-the-pressure-on-canadian-online-surveillance-bill-on-pause-but-the-fight-continues/
http://advocacy.globalvoicesonline.org/2012/03/03/keep-the-pressure-on-canadian-online-surveillance-bill-on-pause-but-the-fight-continues/#commentsSat, 03 Mar 2012 06:00:20 +0000http://advocacy.globalvoicesonline.org/?p=7396Last Saturday, the Canadian government announced it would put proposed online surveillance legislation temporarily “on pause” following sustained public outrage generated by the bill. Since its introduction two weeks ago, Canadians have spoken out en masse against Bill C-30, the Canadian government’s latest attempt to update police online surveillance powers. As currently drafted, the bill represents a dramatic and dangerous attempt to leverage online service providers as agents of state surveillance.

The bill introduces new police powers that would allow Canadian authorities easy access to Canadians’ online activities, including the power to force ISPs to hand over private customer data without a warrant. Adding insult to injury, the proposed legislation would also pave the way to gag orders that would prevent online service providers from notifying subscribers that their private data has been disclosed—a move that would make it impossible for users to seek legal recourse for privacy violations. C-30 is the misshapen offspring of the Cybercrime Convention. Countries have been using this treaty as an excuse to invade citizens’ privacy for years since it was first opened for signature in 2001. Many of these new surveillance powers go far beyond the Convention’s intended levels of intrusiveness.

The bill has inspired Canadian netizens to unleash the full creative force of the Internet in voicing their concerns. They generated creative rants, parodies, videos, t-shirts, LOL memes, and even a hashtag where Canadians tried to save the Government the trouble of increasing online surveillance powers by telling Public Safety Minister Vic Toews “everything.” The proposed legislation has also attracted widespread condemnation from privacy experts, Privacy Commissioners (including specific concerns from the Federal and Ontario Commissioners, as well as general concerns on behalf of all Canadian privacy officers collectively), telecommunications companies, major Canadian newspapers, all opposition political parties, and over 115,000 Canadians who, to date, have signed an online petition against Bill C-30 hosted by OpenMedia.ca.

Widespread condemnation of this bill comes in spite of months of obfuscation by the Canadian government. The government has consistently insisted that the bill does no more than apply existing surveillance capacities to the online world and that, regardless, it's main focus is on child pornography. Matters came to a head a few weeks ago when Minister Toews introduced Bill C-30 and proclaimed that all those opposed to the legislation were “with the child pornographers.” In a last minute change, Bill C-30 was even dubbed the “Protecting Children from Internet Predators Act”—this is in spite of information gathered via an access to information request by Canadian reporter Sarah Schmidt that demonstrated, in the Government’s own internal justifications for the legislation, that the powers in question are actually needed for non-criminal investigations, not child pornography.

Rhetoric aside, Bill C-30 poses serious threats to online privacy. As the majority Canadian government is not likely to give up on this proposed legislation, it is important for Canadians to keep the pressure on! We will discussing these issues in greater deal in our second post on this topic. For now, we urge supporters to join the over 115,000 Canadians who have already signed the stopspying.ca petition against Bill C-30. You can also write a letter to your MP using the Ontario Information & Privacy Commissioner’s letter writing tool.

]]>http://advocacy.globalvoicesonline.org/2012/03/03/keep-the-pressure-on-canadian-online-surveillance-bill-on-pause-but-the-fight-continues/feed/3Mexico Adopts Alarming Surveillance Legislationhttp://advocacy.globalvoicesonline.org/2012/03/02/mexico-adopts-alarming-surveillance-legislation/
http://advocacy.globalvoicesonline.org/2012/03/02/mexico-adopts-alarming-surveillance-legislation/#commentsFri, 02 Mar 2012 12:52:03 +0000http://advocacy.globalvoicesonline.org/?p=7403The Mexican legislature today adopted a surveillance legislation that will grant the police warrantless access to real time user location data. The bill was adopted almost unanimously with 315 votes in favor, 6 against, and 7 abstentions. It has been sent to the President for his approval.

There is significant potential for abuse of these new powers. The bill ignores the fact that most cellular phones today constantly transmit detailed location data about every individual to their carriers; as all this location data is housed in one place—with the telecommunications service provider—police will have access to more precise, more comprehensive and more pervasive data than would ever have been possible with the use of tracking devices. The Mexican government should be more sensitive to the fact that mobile companies are now recording detailed footprints of our daily lives.

In response to the law’s adoption, Mexican human rights lawyer Luis Fernando García told EFF, “Mexican policy makers must understand that the adoption of broad surveillance powers without adequate safeguards undermines the privacy and security of citizens, and is therefore incompatible with their human rights obligations.”

Sensitive data of this nature warrants stronger protection, not an all-access pass. Human rights advocates will evaluate all necessary legal options for challenging the legality of the measure. In the meantime, Mexican citizens should evaluate the possibility of requesting access to their own personal data retained by their mobile company according to the Mexican Data Protection Law.

In Germany, the politician and privacy advocate Malte Spitz used a similar local privacy law—which like laws in many European countries, gives individuals a right to know what kinds of data private companies retain about them—to force his cell phone carrier to reveal what records it had on him. The result was 35,831 different facts about his cell phone use over the course of six months, revealing vast amounts of personal information. To demonstrate just how intrusive this data is, Spitz chose to make it all available to the public. Watch the remarkable interactive map of Spitz’s location information if you haven’t done so.

It is time to educate all of our legislators and the general public that sensitive data warrants strong protections. EFF will continue to report on mobile and online surveillance in Mexico.

~

If you are Mexican, the Data Protection Authority has provided a FAQ on how to request access your own personal data retained by private companies.